1. Support
  2. Knowledge base
  3. 100049054

Deploying NetBackup 8.3.0.1 from the AWS marketplace

Article: 100049054
Last Published: 2021-01-06
Ratings: 0 0
Product(s): Appliances

Table of Contents

  1. Objectives
  2. Terminology
  3. Prerequisites
  4. About Network Configuration
  5. Launching A Cloudformation Stack
  6. Launching The Netbackup Master Server In An Existing Vpc (Preferred)
    1. Launch Stack
    2. Connect To The Netbackup Server
  7. Launching The Netbackup Master Server In A New Vpc
    1. Launch Stack
    2. Connect To The Netbackup Server
  8. Launching The Netbackup Media Server In An Existing Vpc
    1. Launch Stack
    2. Connect To The Netbackup Server
  9. Launching The Netbackup Cloud Recovery Server In An Existing Vpc (Preferred)
    1. Launch Stack
    2. Connect To The Netbackup Server
  10. Launching The Netbackup Cloud Recovery Server In A New Vpc
    1. Launch Stack
    2. Connect To The Netbackup Server
  11. Deployment Logs

Objectives

The purpose of this user guide is to walk through the process of configuring Veritas NetBackup to deploy and run in AWS. This guide will cover the following scenarios

  • Launch NetBackup Master server using AWS Marketplace and CloudFormation templates
  • Launch NetBackup Media server using AWS Marketplace CloudFormation templates
  • Launch NetBackup Cloud Recovery server using AWS Marketplace CloudFormation templates.

Terminology

  • Master Server – The server that controls the backup and restore process and contains the catalog of all data that has been backed up.
  • Media Server – the server that carries out backup or restore using disk or cloud storage targets
  • Cloud Recovery Server – A server used to read existing backup images stored in AWS S3 and recover data in the cloud or convert virtual machines to EC2 instances

Prerequisites

  • An AWS account with privilege sufficient to create a new VPC and at least an m4.xlarge EC2 instance
  • A valid key pair for the region in which you want to deploy
  • A valid NetBackup license key or evaluation key
  • A NetBackup UsageInsights key for your account
  • If deploying a NetBackup Cloud Recovery Server, privileges to create an IAM role in the AWS account may be required

About Network Configuration

The NetBackup instances need access to the public internet for the product to function. If deploying in an existing VPC ensure that the subnet used to deploy the NetBackup instances has outgoing access to the internet, either through an internet gateway or a NAT gateway.

If you do not have a properly configured VPC available, you can choose to create a new one along with the deployment. The VPC will be created with a public and a private subnet. The NetBackup master server will be deployed in the public subnet so that you can access the NetBackup UI from a machine outside the VPC. Subsequent Media servers can be deployed in the private subnet for greater security.

Launching a CloudFormation Stack

Veritas NetBackup 8.3.0.1 can be launched from the AWS Marketplace through a CloudFormation template. When each new stack is launched, necessary parameters need to be passed to configure the environment. Using the values that are provided against each parameter, the Marketplace template launches a NetBackup server in one of two configurations:

  1. Launch NetBackup server into an existing VPC – Preferred
  2. Launch NetBackup server into a new VPC

To start with, go to the AWS Marketplace, search for Veritas, find NetBackup and follow instructions to subscribe and configure the software. While configuring, select the appropriate Delivery Method to choose whether you want to deploy a NetBackup Master, Media or Cloud Recovery Server. After you select the appropriate deployment method and version, continue to launch the Cloud Formation service within your AWS account.

Launching the NetBackup Master Server in an Existing VPC (Preferred)

To launch the NetBackup Master Server in an existing VPC, follow these steps after selecting the Master Server delivery method.
Note: Verify that the subnet that launches the Master server has internet access.

Launch Stack

  1. When you subscribe to the NetBackup Marketplace listing, the template auto populates the Specify an Amazon S3 template URL path. Click next to expose the Stack Details and select Next.
  2. Give the Stack a name.
  3. Provide Instance Configuration Parameters to decide how the EC2 Instance running NetBackup would be configured (figure 1):
    1. NetBackup Server Instance Type : Choose a supported instance type from the drop-down list, based on the size of your deployment
    2. SSH Key Pair : Choose an existing SSH key pair to be used for SSH access into the NetBackup Server
    3. NetBackup Installation Volume Size : Decide how much storage space would be assigned to NetBackup, based on the size of your deployment. For this server the installation volume size must be at least 50 GiB
    4. Use an Existing VPC? : Select True to deploy the NetBackup Server in an existing VPC in your account

figure 1: Instance Configuration Parameters

  1. Provide the parameters under VPC and Subnet details for deployment in an existing VPC to select the networking information for the NetBackup Server (figure 2)
    1. VPC ID : Provide the id of the VPC in your account where the NetBackup Server is to be deployed. Refer the Network Configuration section above to ensure that the VPC you select is properly configured.
    2. Subnet ID : Choose the subnet where the NetBackup Server is to be deployed, making sure to choose a subnet that is within the selected VPC
    3. VPC CIDR Block : Enter the CIDR block contained in the selected VPC. This information is used to create security group rules for the NetBackup server (example CIDR block: 172.31.0.0/16).
    4. Create New DHCP Option Set for this VPC? : Select true only if you want the deployment to create a new DHCP Option set for your VPC. If you already have a DHCP option set associated with your VPC that can resolve Route 53 host names using an Amazon provided DNS server, leave this parameter as false. Selecting true will override any existing DHCP options associated with the VPC.
    5. NetBackup Server Domain Name : Route53 DNS is configured with this domain name and a Record is updated in the corresponding Hosted Zone with the private IP of the NetBackup Server
    6. Is there an Existing Hosted Zone for this Domain? : Choose True if a Route53 Hosted Zone associated with the selected VPC already exists for the domain name entered above, else choose False to create a new Hosted Zone along with the deployment.

figure 2: VPC and Subnet details for deployment in an existing VPC

  1. Provide the NetBackup Installation Parameters to control the configuration of the NetBackup Master Server (figure 3)
    1. Master Server Name : The name of the NetBackup Master server
    2. Media Server Name : This NetBackup Media Server name will be added into the bp.conf file of the Master Server that is deployed. A Media server with this name can be subsequently deployed and connected to the Master server
    3. NetBackup License Key : Enter your NetBackup license key as listed in the prerequisites section
    4. NetBackup UsageInsights Customer Registration Key : Open the registration key json file, and copy and paste the entire contents in this parameter. Ensure that the entire contents of the file are being copied, or else it could cause issues in NetBackup installation

figure 3: NetBackup Installation Parameters

  1. Tag your Stack for identification
  2. Review your Stack details and proceed to launch.

Connect to the Netbackup Server

  1. Edit the security group of the NetBackup server to allow SSH access on port 22. Make sure you only allow access from trusted sources in your network.
  2. Go to the Output section in the CloudFormation Stack and note down the NetBackup server private/public IP.
  3. SSH into the NetBackup server using the username ec2-user, and the pem file corresponding to the key pair selected during deployment.
  4. Use the command sudo passwd root to set a password for the root user. Use the root user and password to log on to the NetBackup console (Java or Remote Administration Console)
  5. Launch the NetBackup web console using http://NetBackup Master IP/webui or connect to it using the NetBackup Java Console (ssh -Y)
  6. If you want to connect to the NetBackup java console, ensure that you SSH using a client that has X11 forwarding enabled

Launching the NetBackup Master Server in a New VPC

It is possible to launch the NetBackup servers in a new VPC. If you select this option, the deployment will create multiple network-related resources in your AWS account along with the NetBackup server. Follow these steps if you wish to deploy the server in a new VPC, after selecting the appropriate delivery method:

Launch Stack

  1. When you subscribe to the NetBackup Marketplace listing, the template auto populates the Specify an Amazon S3 template URL path. Click next to expose the Stack Details and select Next.
  2. Give the Stack a name.
  3. Provide Instance Configuration Parameters to decide how the EC2 Instance running NetBackup would be configured (figure 4):
    1. NetBackup Server Instance Type : Choose a supported instance type from the drop-down list, based on the size of your deployment
    2. SSH Key Pair : Choose an existing SSH key pair to be used for SSH access into the NetBackup Server
    3. NetBackup Installation Volume Size : Decide how much storage space would be assigned to NetBackup, based on the size of your deployment. For this server the installation volume size must be at least 50 GiB
    4. Use an Existing VPC? : Select False to deploy the NetBackup Server in a new VPC that will be created along with the deployment

figure 4: Instance Configuration Parameters

  1. Provide the parameters under VPC and Subnet configuration for deployment in new VPC to provide details of the VPC to be created along with the NetBackup Server (figure 5)
    1. New VPC CIDR Block : Enter the desired CIDR block that will be used to create the new VPC and security group rules for the new server. Ex: 172.31.0.0/16
    2. CIDR Block for Public Subnet : Choose a CIDR block within the VPC CIDR block that will be used for the public subnet created in the VPC. Ex: 172.31.0.0/24
    3. CIDR Block for Private Subnet : Choose a CIDR block within the VPC CIDR block that will be used for the private subnet created in the VPC. Ex: 172.31.1.0/24
    4. NetBackup Server Domain Name : A Route53 Hosted Zone for this domain name will be created, DNS is configured with this domain name and a Record is updated in the Hosted Zone with the private IP of the NetBackup Server
    5. Note: You also need to provide a VPC and subnet id in the existing VPC section. This is because AWS does not permit these inputs to be blank. Provide any VPC and subnet id; they will not be used in the deployment.

figure 5: VPC and Subnet configuration for deployment in new VPC

  1. Provide the NetBackup Installation Parameters to control the configuration of the NetBackup Master Server (figure 6)
    1. Master Server Name : The name of the NetBackup Master server
    2. Media Server Name : This NetBackup Media Server name will be added into the bp.conf file of the Master Server that is deployed. A Media server with this name can be subsequently deployed and connected to the Master server
    3. NetBackup License Key : Enter your NetBackup license key as listed in the prerequisites section
    4. NetBackup UsageInsights Customer Registration Key : Open the registration key json file, and copy and paste the entire contents in this parameter. Ensure that the entire contents of the file are being copied, or else it could cause issues in NetBackup installation

figure 6: NetBackup Installation Parameters

  1. Tag your Stack for identification
  2. Review your Stack details and proceed to launch.

Connect to the Netbackup Server

  1. Edit the security group of the NetBackup server to allow SSH access on port 22. Make sure you only allow access from trusted sources in your network.
  2. Go to the Output section in the CloudFormation Stack and note down the NetBackup server private/public IP.
  3. SSH into the NetBackup server using the username ec2-user, and the pem file corresponding to the key pair selected during deployment.
  4. Use the command sudo passwd root to set a password for the root user. Use the root user and password to log on to the NetBackup console (Java or Remote Administration Console)
  5. Launch the NetBackup web console using http://NetBackup Master IP/webui or connect to it using the NetBackup Java Console (ssh -Y)
  6. If you want to connect to the NetBackup java console, ensure that you SSH using a client that has X11 forwarding enabled

Launching the NetBackup Media Server in an Existing VPC

After deploying the Master Server, follow the following steps to launch the NetBackup Media Server in the same VPC by selecting the Media Server delivery method.

Note: Verify that the Media server is launched in the same VPC as the Master Server, and in a subnet that  has internet access.

Launch Stack

  1. When you subscribe to the NetBackup Marketplace listing, the template auto populates the Specify an Amazon S3 template URL path. Click next to expose the Stack Details and select Next.
  2. Give the Stack a name.
  3. Provide Instance Configuration Parameters to decide how the EC2 Instance running NetBackup would be configured (figure 7):
    1. NetBackup Server Instance Type : Choose a supported instance type from the drop-down list, based on the size of your deployment
    2. SSH Key Pair : Choose an existing SSH key pair to be used for SSH access into the NetBackup Server
    3. NetBackup Installation Volume Size : Decide how much storage space would be assigned to NetBackup, based on the size of your deployment. For this server the installation volume size must be at least 250 GiB

figure 7: Instance Configuration Parameters

  1. Provide the parameters under VPC and Subnet details to select the networking information for the NetBackup Server (figure 8)
    1. VPC ID : Provide the id of the VPC in your account where the NetBackup Server is to be deployed. Refer the Network Configuration section above to ensure that the VPC you select is properly configured.
    2. Subnet ID : Choose the subnet where the NetBackup Server is to be deployed, making sure to choose a subnet that is within the selected VPC
    3. VPC CIDR Block : Enter the CIDR block contained in the selected VPC. This information is used to create security group rules for the NetBackup server (example CIDR block: 172.31.0.0/16).
    4. Create New DHCP Option Set for this VPC? : Select true only if you want the deployment to create a new DHCP Option set for your VPC. If you already have a DHCP option set associated with your VPC that can resolve Route 53 host names using an Amazon provided DNS server, leave this parameter as false. Selecting true will override any existing DHCP options associated with the VPC.
    5. NetBackup Server Domain Name : Route53 DNS is configured with this domain name and a Record is updated in the corresponding Hosted Zone with the private IP of the NetBackup Server. Make sure to provide the domain name in which a NetBackup master server has already been deployed

figure 8: VPC and Subnet details

  1. Provide the NetBackup Installation Parameters to control the configuration of the NetBackup Media Server (figure 9)
    1. Media Server Name : The name of the NetBackup Media server
    2. Master Server Name : Enter the Master Server DNS name that the Media server would be able to resolve to connect to the Master Server. Also note that the Media server will expect the Master server to have the same domain as itself, and present within the same VPC.
    3. NetBackup License Key : Enter your NetBackup license key as listed in the prerequisites section
    4. NetBackup Token : The Media Server requires a token for installation to complete successfully. This token can be obtained from the Master Server using the following steps (or check the documentation for more details):
      1. Logon using the following commands:

cd /usr/openv/netbackup/bin

./bpnbat -login -loginType WEB

You will be prompted for a set of options to be provided as follows:

Authentication Broker: <master name>

Authentication port [0 is default]: 0

Authentication type (NIS, NISPLUS, WINDOWS, vx, unixpwd, ldap): unixpwd

Domain: <master name>

Logon Name: root

Password:

  1. Once you log on successfully, generate a token by running the following commands:

cd /usr/openv/netbackup/bin/

./nbcertcmd -createToken -name <token name>

figure 9: NetBackup Installation Parameters

  1. Tag your Stack for identification
  2. Review your Stack details and proceed to launch.

Connect to the Netbackup Server

  1. Go to the Output section in the CloudFormation Stack and note down the NetBackup server Private IP.
  2. SSH into the NetBackup server using the username ec2-user, and the pem file corresponding to the key pair selected during deployment.

Launching the NetBackup Cloud Recovery Server in an Existing VPC (Preferred)

To launch the NetBackup Cloud Recovery Server in an existing VPC, follow these steps after selecting the Cloud Recovery Server delivery method.
Note: Verify that the subnet that launches the Cloud Recovery Server has internet access.

Launch Stack

  1. When you subscribe to the NetBackup Marketplace listing, the template auto populates the Specify an Amazon S3 template URL path. Click next to expose the Stack Details and select Next.
  2. Give the Stack a name.
  3. Provide Instance Configuration Parameters to decide how the EC2 Instance running NetBackup would be configured (figure 10):
    1. NetBackup Server Instance Type : Choose a supported instance type from the drop-down list, based on the size of your deployment
    2. SSH Key Pair : Choose an existing SSH key pair to be used for SSH access into the NetBackup Server
    3. NetBackup Installation Volume Size : Decide how much storage space would be assigned to NetBackup, based on the size of your deployment. For this server the installation volume size must be at least 200 GiB
    4. Create IAM Role for Cloud Recovery Server? : Choose True if you do not have an existing IAM role in your account that has the required permissions for the NetBackup CRS and want one to be created with the deployment, else choose False to use an existing IAM role
    5. IAM Role Name : Enter the name of the IAM role to be created or used for the Cloud Recovery Server. Note that if you have selected to create a new role but provide the name of an existing IAM role in your account or vice versa, the deployment will fail.
    6. Use an Existing VPC? : Select False to deploy the NetBackup Server in a new VPC that will be created along with the deployment

figure 10: Instance Configuration Parameters

  1. Provide the parameters under VPC and Subnet details for deployment in an existing VPC to select the networking information for the NetBackup Server (figure 11)
    1. VPC ID : Provide the id of the VPC in your account where the NetBackup Server is to be deployed. Refer the Network Configuration section above to ensure that the VPC you select is properly configured.
    2. Subnet ID : Choose the subnet where the NetBackup Server is to be deployed, making sure to choose a subnet that is within the selected VPC
    3. VPC CIDR Block : Enter the CIDR block contained in the selected VPC. This information is used to create security group rules for the NetBackup server (example CIDR block: 172.31.0.0/16).
    4. Create New DHCP Option Set for this VPC? : Select true only if you want the deployment to create a new DHCP Option set for your VPC. If you already have a DHCP option set associated with your VPC that can resolve Route 53 host names using an Amazon provided DNS server, leave this parameter as false. Selecting true will override any existing DHCP options associated with the VPC.
    5. NetBackup Server Domain Name : Route53 DNS is configured with this domain name and a Record is updated in the corresponding Hosted Zone with the private IP of the NetBackup Server
    6. Is there an Existing Hosted Zone for this Domain? : Choose True if a Route53 Hosted Zone associated with the selected VPC already exists for the domain name entered above, else choose False to create a new Hosted Zone along with the deployment.

figure 11: VPC and Subnet details for deployment in an existing VPC

  1. Provide the NetBackup Installation Parameters to control the configuration of the NetBackup Cloud Recovery Server (figure 12)
    1. Master Server Name : The name of the NetBackup Master server
    2. NetBackup License Key : Enter your NetBackup license key as listed in the prerequisites section
    3. NetBackup UsageInsights Customer Registration Key : Open the registration key json file, and copy and paste the entire contents in this parameter. Ensure that the entire contents of the file are being copied, or else it could cause issues in NetBackup installation
    4. Cloud Recovery Server Type : Choose MSDP if the images that you want to recover using this Cloud Recovery Server were created using the MSDP cloud configuration, else choose Cloud Catalyst
    5. S3 Bucket Name : Enter the name of the S3 bucket where the images to be recovered are stored
    6. Bucket Subfolder : Only for MSDP type configurations, enter the subfolder within the S3 bucket where the images are stored.

If MSDP cloud volumes were added using the Add disk pool Wizard of NB web UI, it is the disk volume name input in the wizard.
Else, if MSDP cloud volumes (cloud LSU) was added using the CLI (nbdevconfig -setconfig), it is the lsuCloudBucketSubName option specified in the config list file

figure 12: NetBackup Installation Parameters

  1. Tag your Stack for identification
  2. Review your Stack details and proceed to launch.

Connect to the Netbackup Server

  1. Edit the security group of the NetBackup server to allow SSH access on port 22. Make sure you only allow access from trusted sources in your network.
  2. Go to the Output section in the CloudFormation Stack and note down the NetBackup server private/public IP.
  3. SSH into the NetBackup server using the username ec2-user, and the pem file corresponding to the key pair selected during deployment.
  4. Use the command sudo passwd root to set a password for the root user. Use the root user and password to log on to the NetBackup console (Java or Remote Administration Console)
  5. Launch the NetBackup web console using http://NetBackup Master IP/webui or connect to it using the NetBackup Java Console (ssh -Y)
  6. If you want to connect to the NetBackup java console, ensure that you SSH using a client that has X11 forwarding enabled

Launching the NetBackup Cloud Recovery Server in a New VPC

Launch Stack

  1. When you subscribe to the NetBackup Marketplace listing, the template auto populates the Specify an Amazon S3 template URL path. Click next to expose the Stack Details and select Next.
  2. Give the Stack a name.
  3. Provide Instance Configuration Parameters to decide how the EC2 Instance running NetBackup would be configured (figure 13):
    1. NetBackup Server Instance Type : Choose a supported instance type from the drop-down list, based on the size of your deployment
    2. SSH Key Pair : Choose an existing SSH key pair to be used for SSH access into the NetBackup Server
    3. NetBackup Installation Volume Size : Decide how much storage space would be assigned to NetBackup, based on the size of your deployment. For this server the installation volume size must be at least 200 GiB
    4. Create IAM Role for Cloud Recovery Server? : Choose True if you do not have an existing IAM role in your account that has the required permissions for the NetBackup CRS and want one to be created with the deployment, else choose False to use an existing IAM role
    5. IAM Role Name : Enter the name of the IAM role to be created or used for the Cloud Recovery Server. Note that if you have selected to create a new role but provide the name of an existing IAM role in your account or vice versa, the deployment will fail.
    6. Use an Existing VPC? : Select False to deploy the NetBackup Server in a new VPC that will be created along with the deployment

figure 13: Instance Configuration Parameters

  1. Provide the parameters under VPC and Subnet configuration for deployment in new VPC to provide details of the VPC to be created along with the NetBackup Server (figure 14)
    1. New VPC CIDR Block : Enter the desired CIDR block that will be used to create the new VPC and security group rules for the new server. Ex: 172.31.0.0/16
    2. CIDR Block for Public Subnet : Choose a CIDR block within the VPC CIDR block that will be used for the public subnet created in the VPC. Ex: 172.31.0.0/24
    3. CIDR Block for Private Subnet : Choose a CIDR block within the VPC CIDR block that will be used for the private subnet created in the VPC. Ex: 172.31.1.0/24
    4. NetBackup Server Domain Name : A Route53 Hosted Zone for this domain name will be created, DNS is configured with this domain name and a Record is updated in the Hosted Zone with the private IP of the NetBackup Server
    5. Note: You also need to provide a VPC and subnet id in the existing VPC section. This is because AWS does not permit these inputs to be blank. Provide any VPC and subnet id; they will not be used in the deployment.

figure 14: VPC and Subnet configuration for deployment in new VPC

  1. Provide the NetBackup Installation Parameters to control the configuration of the NetBackup Cloud Recovery Server (figure 15)
    1. Master Server Name : The name of the NetBackup Master server
    2. NetBackup License Key : Enter your NetBackup license key as listed in the prerequisites section
    3. NetBackup Usage Insights Customer Registration Key : Open the registration key json file, and copy and paste the entire contents in this parameter. Ensure that the entire contents of the file are being copied, or else it could cause issues in NetBackup installation
    4. Cloud Recovery Server Type : Choose MSDP if the images that you want to recover using this Cloud Recovery Server were created using the MSDP cloud configuration, else choose Cloud Catalyst
    5. S3 Bucket Name : Enter the name of the S3 bucket where the images to be recovered are stored
    6. Bucket Subfolder : Only for MSDP type configurations, enter the subfolder within the S3 bucket where the images are stored.

If MSDP cloud volumes were added using the Add disk pool Wizard of NB web UI, it is the disk volume name input in the wizard.
Else, if MSDP cloud volumes (cloud LSU) was added using the CLI (nbdevconfig -setconfig), it is the lsuCloudBucketSubName option specified in the config list file

figure 15: NetBackup Installation Parameters

  1. Tag your Stack for identification
  2. Review your Stack details and proceed to launch.

Connect to the Netbackup Server

  1. Edit the security group of the NetBackup server to allow SSH access on port 22. Make sure you only allow access from trusted sources in your network.
  2. Go to the Output section in the CloudFormation Stack and note down the NetBackup server private/public IP.
  3. SSH into the NetBackup server using the username ec2-user, and the pem file corresponding to the key pair selected during deployment.
  4. Use the command sudo passwd root to set a password for the root user. Use the root user and password to log on to the NetBackup console (Java or Remote Administration Console)
  5. Launch the NetBackup web console using http://NetBackup Master IP/webui or connect to it using the NetBackup Java Console (ssh -Y)
  6. If you want to connect to the NetBackup java console, ensure that you SSH using a client that has X11 forwarding enabled

Deployment Logs

  1. The NetBackup installation log can be found at /root/NBSetup/userdata-log on the appliance.
  2. For the Cloud Recovery Server, there is an additional configuration step after the NetBackup installation. Logs for this step can be found at /tmp/cc_config

 

Was this content helpful?

Article Languages